OpenShell Integration Threat Model
Threat model and mitigation controls for Intended-governed OpenShell and NemoClaw runtime integrations.
This model covers Intended integration with customer-operated OpenShell / NemoClaw runtime surfaces.
Trust boundaries
- Intended boundary: intent normalization, policy evaluation, authority decision, audit lineage.
- Runtime boundary (customer): runtime host, credentials, policy apply flow, outbound network behavior.
- Third-party boundary: upstream runtime software and provider infrastructure.
Primary threats
Policy over-permissioning
- Risk: excessive endpoint/method scope grants unsafe runtime capability.
- Controls:
  - review inferred presets before apply
  - stage-first deployment
  - high-risk execution in review or enforce-fail-closed mode
Credential misuse
- Risk: runtime secrets leak or are reused across environments.
- Controls:
  - separate runtime creds from Intended API credentials
  - rotate secrets on incident trigger
  - minimize credential scope per environment
Audit/decision drift
- Risk: execution occurs without corresponding authority lineage.
- Controls:
  - enforce token verification at execution boundary
  - require trace metadata propagation
  - alert on execution records missing decision linkage
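One way to implement the "alert on execution records missing decision linkage" control, as an added example that is not Intended or OpenShell code: it joins execution records to authority decisions and flags every executed action that lacks a valid lineage. The record fields (`exec_id`, `decision_id`, `trace_id`, `outcome`, `executed`) and all sample data are assumptions constructed for illustration.

```python
# Added example: audit/decision drift check over constructed records.
# Field names are hypothetical, not the Intended or OpenShell schema.

# Authority decisions keyed by decision ID (constructed sample data).
DECISIONS = {
    "dec-001": {"trace_id": "tr-aaa", "outcome": "allow"},
    "dec-002": {"trace_id": "tr-bbb", "outcome": "deny"},
}

# Runtime execution records (constructed sample data).
EXECUTIONS = [
    {"exec_id": "ex-1", "decision_id": "dec-001", "trace_id": "tr-aaa", "executed": True},
    {"exec_id": "ex-2", "decision_id": None, "trace_id": "tr-ccc", "executed": True},
    {"exec_id": "ex-3", "decision_id": "dec-404", "trace_id": "tr-ddd", "executed": True},
    {"exec_id": "ex-4", "decision_id": "dec-001", "trace_id": "tr-zzz", "executed": True},
    {"exec_id": "ex-5", "decision_id": "dec-002", "trace_id": "tr-bbb", "executed": True},
    {"exec_id": "ex-6", "decision_id": "dec-002", "trace_id": "tr-bbb", "executed": False},
]


def find_drift(executions, decisions):
    """Return (exec_id, reason) for each executed action without valid lineage."""
    findings = []
    for rec in executions:
        if not rec.get("executed"):
            continue  # blocked at the execution boundary, so nothing ran
        dec_id = rec.get("decision_id")
        if not dec_id:
            reason = "missing_decision_id"
        elif dec_id not in decisions:
            reason = "unknown_decision_id"
        elif decisions[dec_id]["trace_id"] != rec.get("trace_id"):
            reason = "trace_mismatch"  # trace metadata was not propagated intact
        elif decisions[dec_id]["outcome"] != "allow":
            reason = "executed_despite_deny"
        else:
            continue  # lineage is intact
        findings.append((rec["exec_id"], reason))
    return findings


if __name__ == "__main__":
    for exec_id, reason in find_drift(EXECUTIONS, DECISIONS):
        print(f"ALERT {exec_id}: {reason}")
```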
Upstream runtime alpha risk
- Risk: provider-side instability or security gaps in alpha/preview software.
- Controls:
  - isolate runtime blast radius
  - maintain staged rollout and rollback artifacts
  - keep high-risk actions under explicit approvals
Required controls before production
- policy artifact review + approval
- outbound endpoint allowlist validation
- fail-closed path verification for privileged actions
- rollback artifact prepared and tested
- incident response ownership documented
Evidence to capture
- compiled policy artifact hash
- authority decision IDs and trace IDs
- execution results with enforcement outcome
- incident/rollback timeline when controls trigger